#/bin/bash

iptables -F INPUT
iptables -t nat -F


iptables -t nat -A PREROUTING -p tcp --dport 2222 -j DNAT --to-destination 10.0.0.2:22

iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.1
iptables -t nat -A POSTROUTING -p tcp --dport 80 -j SNAT --to-source 10.0.0.2


iptables -A INPUT -i eth1 -p icmp -m limit --limit 10/minute -j ACCEPT

iptables -A INPUT -i eth1 -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p udp -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A INPUT -i eth1 -p tcp --dport 22 -m limit --limit 3/minute -j ACCEPT

iptables -A INPUT -i eth1 -j REJECT
